com.metamatrix.platform.security.api
Class AuthorizationPermission

java.lang.Object
  com.metamatrix.platform.security.api.AuthorizationPermission

All Implemented Interfaces:

java.io.Serializable, java.lang.Comparable

Direct Known Subclasses:

BasicAuthorizationPermission, RolePermission

public abstract class AuthorizationPermission
extends java.lang.Object
implements java.lang.Comparable, java.io.Serializable

An authorization permission defines access permissions for a particular resource. A rule determines what action or actions can be performed on a resource, and is comprised of the resource, the actions allowed, and an optional content modifier (which defines an additional criteria that is to be placed upon the usage of the resource).

See Also:

Serialized Form

Field Summary

static AuthorizationActions	DEFAULT_ACTIONS The default action for rules is NONE.
protected int	hashCode The cached value of the hash code for this object.
protected int	PRIME
protected AuthorizationResource	resource The resource of this permission; generally the name of the resource to which this rule applies.

Constructor Summary

protected	AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm realm, AuthorizationActions actions, java.lang.String factoryClassName) Create a new authorization rule for the specified resource.
protected	AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm realm, AuthorizationActions actions, java.lang.String contentModifier, java.lang.String factoryClassName) Create a new authorization rule for the specified resource.
protected	AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm realm, java.lang.String factoryClassName) Create a new authorization rule for the specified resource.

Method Summary

protected abstract java.lang.Object	clone() Make a deep copy of this object.
static int	compare(AuthorizationPermission obj1, AuthorizationPermission obj2) Utility method to compare two AuthorizationPermission instances.
int	compareTo(java.lang.Object o) Compares this AuthorizationPermission to another Object.
boolean	equals(java.lang.Object obj) Returns true if the specified object is semantically equal to this instance.
AuthorizationActions	getActions() Get the operations that the user may perform on the resource, as defined by this rule.
java.lang.String	getContentModifier() Get the content modifier for this rule.
java.lang.String	getFactoryClassName() Obtain the name of the factory class for this rule.
AuthorizationRealm	getRealm() Get the AuthorizationRealm in which this permission belongs.
java.lang.String	getRealmName() Get the name of the realm in which this permission belongs.
AuthorizationResource	getResource() Obtain the resource object for this rule.
java.lang.String	getResourceName() Obtain the name of the resource for this rule.
boolean	hasContentModifier() Determine whether this rule has a content modifier that should be used upon access to the resource.
int	hashCode() Overrides Object hashCode method.
abstract boolean	implies(AuthorizationPermission resource) Checks if the specified resource is ipmlied by this resource instance.
boolean	resourceIsRecursive() Determin if this permission applies to all subnode resources.
java.lang.String	toString() Returns a string representing the current state of the object.

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

DEFAULT_ACTIONS

public static final AuthorizationActions DEFAULT_ACTIONS

The default action for rules is NONE.

resource

protected AuthorizationResource resource

The resource of this permission; generally the name of the resource to which this rule applies. This is a required attributed.

hashCode

protected int hashCode

The cached value of the hash code for this object.

PRIME

protected int PRIME

Constructor Detail

AuthorizationPermission

protected AuthorizationPermission(AuthorizationResource resource,
                                  AuthorizationRealm realm,
                                  AuthorizationActions actions,
                                  java.lang.String contentModifier,
                                  java.lang.String factoryClassName)

Create a new authorization rule for the specified resource.

Parameters:

resource - the resource to which this permission applies.

realm - the name of the realm for this rule (may not be null, but may be empty)

actions - the actions to apply to the resource

contentModifier - the content modifier (may be null)

factoryClassName - The factory class name that can instantiate this permission (may not be null)

AuthorizationPermission

protected AuthorizationPermission(AuthorizationResource resource,
                                  AuthorizationRealm realm,
                                  java.lang.String factoryClassName)

Create a new authorization rule for the specified resource.

Parameters:

resource - The new resource

realm - the name of the realm for this rule (may not be null, but may be empty)

factoryClassName - The factory class name that can instantiate this permission (may not be null)

AuthorizationPermission

protected AuthorizationPermission(AuthorizationResource resource,
                                  AuthorizationRealm realm,
                                  AuthorizationActions actions,
                                  java.lang.String factoryClassName)

Create a new authorization rule for the specified resource.

Parameters:

resource - The new resource

realm - the name of the realm for this rule (may not be null, but may be empty)

actions - the actions for the resource

factoryClassName - The factory class name that can instantiate this permission (may not be null)

Method Detail

clone

protected abstract java.lang.Object clone()
                                   throws java.lang.CloneNotSupportedException

Make a deep copy of this object.

Overrides:

clone in class java.lang.Object

Returns:

The newly copied object.

Throws:

java.lang.CloneNotSupportedException

getFactoryClassName

public java.lang.String getFactoryClassName()

Obtain the name of the factory class for this rule.

Returns:

the factory class name

resourceIsRecursive

public boolean resourceIsRecursive()

Determin if this permission applies to all subnode resources.

Returns:

true if this permission's resource is a node in a subtree and the allowed Action applies to all subnodes, false otherwise.

getResourceName

public java.lang.String getResourceName()

Obtain the name of the resource for this rule.

Returns:

the resource name

getResource

public AuthorizationResource getResource()

Obtain the resource object for this rule.

Returns:

the resource

hasContentModifier

public boolean hasContentModifier()

Determine whether this rule has a content modifier that should be used upon access to the resource.

Returns:

true if this rule has a content modifier

getContentModifier

public java.lang.String getContentModifier()

Get the content modifier for this rule. The content modifier should be used upon access to the resource.

Returns:

the content modifier

getRealmName

public java.lang.String getRealmName()

Get the name of the realm in which this permission belongs.

Returns:

The realm name for this permission

getRealm

public AuthorizationRealm getRealm()

Get the AuthorizationRealm in which this permission belongs.

Returns:

The realm for this permission

getActions

public AuthorizationActions getActions()

Get the operations that the user may perform on the resource, as defined by this rule.

Returns:

this rule's actions

implies

public abstract boolean implies(AuthorizationPermission resource)

Checks if the specified resource is ipmlied by this resource instance.

Parameters:

resource - the AuthorizationPermission instance to be checked

Returns:

true if the specified resource is implied by this object, false if not

Throws:

java.lang.IllegalArgumentException - if the specified resource is null or incomplete.

toString

public java.lang.String toString()

Returns a string representing the current state of the object.

Overrides:

toString in class java.lang.Object

hashCode

public int hashCode()

Overrides Object hashCode method.

Overrides:

hashCode in class java.lang.Object

Returns:

a hash code value for this object.

See Also:

Object.hashCode(), Object.equals(Object)

equals

public boolean equals(java.lang.Object obj)

Returns true if the specified object is semantically equal to this instance. Note: this method is consistent with compareTo().

Overrides:

equals in class java.lang.Object

Parameters:

obj - the object that this instance is to be compared to.

Returns:

whether the object is equal to this object.

compareTo

public int compareTo(java.lang.Object o)
              throws java.lang.ClassCastException

Compares this AuthorizationPermission to another Object. If the Object is an AuthorizationPermission, this function compares the name. Otherwise, it throws a ClassCastException (as policyID instances are comparable only to other AuthorizationPermission instances). Note: this method is consistent with equals().

Specified by:

compareTo in interface java.lang.Comparable

Parameters:

o - the object that this instance is to be compared to.

Returns:

a negative integer, zero, or a positive integer as this object is less than, equal to, or greater than the specified object, respectively.

Throws:

java.lang.ClassCastException - if the specified object's type prevents it from being compared to this AuthorizationPermission.

compare

public static final int compare(AuthorizationPermission obj1,
                                AuthorizationPermission obj2)

Utility method to compare two AuthorizationPermission instances. Returns a negative integer, zero, or a positive integer as this object is less than, equal to, or greater than the specified object.

Subclasses may not override this method because it is designed to enforce a constraint placed on all AuthorizationPermissions.

This method assumes that all type-checking has already been performed.

Parameters:

obj1 - the first policyID to be compared

obj2 - the second policyID to be compared

Returns:

-1, 0, +1 based on whether obj1 is less than, equal to, or greater than obj2